Posted
by
Soulskill
on Saturday April 28, 2012 @12:40PM
from the seeing-which-way-the-wind-is-blowing dept.

suraj.sun writes "CISPA, the hotly-contested cybersecurity bill making its way through Congress, has been supported by Microsoft since it was introduced. However, the company now tells CNET that any such legislation must 'honor the privacy and security promises we make to our customers,' while also 'protecting consumer privacy.' As you may recall, the U.S. House passed CISPA on Thursday. The Obama administration has threatened to veto the bill. Quoting CNET: 'That's a noticeable change — albeit not a complete reversal — from Microsoft's position when CISPA was introduced in November 2011. To be sure, Microsoft's initial reaction to CISPA came before many of the privacy concerns had been raised. An anti-CISPA coalition letter (PDF) wasn't sent out until April 16, and a petition that garnered nearly 800,000 signatures wasn't set up until April 5. What makes CISPA so controversial is a section saying that, "notwithstanding any other provision of law," companies may share information with Homeland Security, the IRS, the NSA, or other agencies. By including the word "notwithstanding," CISPA's drafters intended to make their legislation trump all existing federal and state laws, including ones dealing with wiretaps, educational records, medical privacy, and more.'"

Why pêople hate microsoft is because of they excessive pricing scheme, you pay for a computer with WINDOWS license, then buy a server WITH A WINDOWS license AND WTF DO YOU KNOW NEXT, you have to fucking poay for a licence to ALLOW the computer to connect to the server.

Umm no. The geeks rose up about Microsoft back in the day because they tried to own the entirety of computing through a long campaign of malicious acts. Sure we hate paying licensing and the MS scheme is egregious, but thats not what evoked retribution.

Note that this is exclusively for law enforcement -- law abiding citizens would presumably have difficult obtaining technical information or copies of this product (I doubt that criminals will have much trouble). The last line on that page is telling:

So you are going to point out some 1 line marketing snippet, take it completely out of context, and then extrapolate it to mean that Microsoft is selling private consumer data to various governments. Please elaborate because I feel like I'm missing something here.

Perhaps you missed the part about technology given only to law enforcement, which allows them to take forensic data from live systems -- technology that criminals will be able to study, but which is deliberately hidden from law abiding citizens. The point is not that Microsoft is actively handing data over, the point is that Microsoft is not going to stand up to law enforcement and say, "No, we are not voluntarily helping you." The opposite is true: Microsoft is giving away technology at no cost to help law enforcement gather data from computers.

Microsoft did show an iota of backbone when it came to the clipper chip, but times have changed. Now Microsoft wants to cultivate a friendly relationship with the government. Perhaps the OP was a little strong with calling this a "first" for Microsoft, but it is not exactly something that we should expect either.

Of course Apple and Google [cnet.com] do the same things for their phone OSes. And then there's those god damn open source commies who want an authoritarian government - they must do, there are rather a lot of Linux based forensics tools [opensourceforensics.org]. Microsoft is giving away technology at no cost to help law enforcement gather data from computers? So is open source. Get over your bad self.

Microsoft is giving away technology at no cost to help law enforcement gather data from computers? So is open source. Get over your bad self.

OSS forensics tools are available to everyone, and provided by people who generally believe in giving away their code. COFFEE is available only to law enforcement, and provided by a company which generally makes money from selling closed-source, proprietary software. Please don't try to pretend that the two situations are even remotely comparable.

I want you to go home, turn off any thing on your network that might be sending broadcast traffic, fire up a computer running a freshly installed copy of a Windows that was legally obtained and theoretically shouldn't contain any rootkits or backdoors.

Then fire up a frame capture and watch all the odd traffic flowing from the box, even after you turned off things like automatic updates and netBIOS to ensure you aren't picking up legitimate services.

If you can't pin down every data stream spewing from a "pure" install of your operating system, can you be sure it doesn't have private information? A system that obfuscates it's operation is a system that doesn't protect end user privacy, just the privacy of anyone with a backdoor installed on it.

Heck, I can search the registry to see what websites you've visited, remotely if I wanted too, even after you clear your browser history and temporary data. Maybe Microsoft itself isn't violating your privacy but

Lets see your data, because if what you said was true then frankly you'd have the story of the decade, but of course it is more likely you are talking out of your tinfoil covered ass. Looking at my own Win 7 HP box, which has been running pretty much 24/7 since Oct 09, I have the browser, Steam running an update...and that is pretty much it. i have MSE checking every few hours for an update, but I'm not seeing a single thing that isn't from software i installed or authorized.

Now if you want to complain that MSFT won't take the right to install dumbshit then that's true, you can pile on the toolbars and fill your taskbar with a huge pile of shitware, but if you actually pay attention to what you install there will be VERY little traffic coming from your machine and all of it pretty obviously things you authorize, such as Windows time service calling NIST.

I want you to go home, turn off any thing on your network that might be sending broadcast traffic, fire up a computer running a freshly installed copy of a Windows that was legally obtained and theoretically shouldn't contain any rootkits or backdoors.
Then fire up a frame capture and watch all the odd traffic flowing from the box, even after you turned off things like automatic updates and netBIOS to ensure you aren't picking up legitimate services.

But how could anyone prove what you ask? You know where your info is while it's on your box. You don't know where it is once somebody else has a copy, by definition. How can anyone prove or disprove that something is or isn't being done by some other party who has surruptitiously gained a copy of the information without knowledge of the original owner? I can't prove what somebody who stole my car did with it afterwards, just as I can't prove what somebody who legally bought my car did with it afterwards.

How much they care for privacy is seen in the way they implement their OS and apps. I don't judge them in that regard, BIT before you judge, try to see how other players in the field, esp. Debian, tackle the problem of broadcasting the OS, the updates, and get optional feedback (popcon).

I worked at Microsoft until recently, and although in general I don't have many good things to say about the company, I do think they care about privacy. In general at Microsoft they are very concerned about the letter of the law, and about public opinion. They don't necessarily care about these things out of idealism or very deep beliefs, but there is a great fear of overstepping legal bounds.

I am, it's actually GOOD to see they have enough character to 1st support something, then to see that users DO NOT WANT IT, & to back clear away from it too.

* See subject-line, if that's what you really feel is a "1st" from them then...

APK

P.S.=> You've got to understand that BIG & POWERFUL as M$ is (& I am definitely a 'fanboy' of theirs + everyone around here knows that much), that YES, they too, have been "hassled" by government & know what THAT's about, & turning THE REPUBLICANSht [house.gov]

Seriously? What is wrong with you guys? How in the fuck did you even come up with a system where non related shit can be tacked on to a bill? Is it bullshit that got added on later or were your vaunted founding fathers slightly retarded?

I blame the fact that most Americans have no idea why their rights are important, or what life would be like without those rights. We are already starting to get our feet wet with this, but people need to be tossed in head first before they really understand the issues. When people are being asked for their papers before being allowed to cross state lines, when their search histories are scrutinized whenever they try to spend money, when it becomes impossible to live without breaking laws and bribing cops, then people will understand -- but by then it will be too late anyway.

But I feel this can still come back to poor public education.I was only required to take one "Civics" class really didn't have anything coherent to say.It stead of forcing us to memorize the Bill of Rights they should have actually explained what they did for citizens. We didn't even break down the Constitution and discuss what powers are given to the Federal government and are reserved for State governments. ect. ect.

So because you had a single class that didn't explore things that would help you out later in life, you think that all public education is bad?

Public education is awful because of the mentalities that rote memorization and teaching to the test are effective forms of learning. They're not, even if there is no other solution (but other solutions have been proposed).

Honestly, it isn't difficult to figure out why so many people don't find "learning" (really, it's "schooling") fun.

for the same cost

How lazy and short-sighted. Not even willing to consider an alternative that might drastically improve the public education system just because it costs more? No wonder no on

I blame the fact that most Americans have no idea why their rights are important, or what life would be like without those rights. We are already starting to get our feet wet with this, but people need to be tossed in head first before they really understand the issues.

I remember a political text I read years ago in which the author was of the opinion that every democracy should experience a few years (or decades, as is wont to happen) of fascism to both fully appreciate the value of what's been lost as well as to learn what stupid mistakes to avoid next time around...

I remember a political text I read years ago in which the author was of the opinion that every democracy should experience a few years (or decades, as is wont to happen) of fascism to both fully appreciate the value of what's been lost as well as to learn what stupid mistakes to avoid next time around...

Right. Because the US Civil war was such a wonderful experience and improved 'democracy' for all citizens.

Sorry, it's just a bit more complex than that. You just don't hit CTL-ALT-DELETE and reboot a society.

I blame the fact that most Americans have no idea why their rights are important, or what life would be like without those rights. We are already starting to get our feet wet with this, but people need to be tossed in head first before they really understand the issues.

I remember a political text I read years ago in which the author was of the opinion that every democracy should experience a few years (or decades, as is wont to happen) of fascism to both fully appreciate the value of what's been lost as well as to learn what stupid mistakes to avoid next time around...

No generation of people, once their freedom has been lost, has ever recovered that freedom during that generation. The only hope at that point is to pass to the next generation a love and desire for freedom

- starting? The only obvious difference between what's been going on for about 100 years in USA now and what's been happening since 9/11 is that before the transgressions against individual rights only hit minorities (employers and investors mostly but also other individual property owners), while what's happening now is hitting the majority (everybody else).

The rights of individuals were been compromised in USA for a long time now and when I say that I include the right to pursuit of happiness, as in - g

The only obvious difference between what's been going on for about 100 years in USA now and what's been happening since 9/11 is that before the transgressions against individual rights only hit minorities (employers and investors mostly but also other individual property owners)

Because when I look at the history of the United States, and I consider the minorities that have at various times had their individual rights trampled, business owners and venture capitalists are the first on my list.

Having met "homeschool parents" (I was homeschooled for a bit, growing up) I can honestly say that no matter how shitty the schools are, they are far and away better than most homeschoolers. It can be done well and with those people I have no complaint, but, in my experience, those parents are less concerned with quality education that with isolating children from "corrupting influences" or more thoroughly impressing religious doctrine in the guise of education.

I'm not exactly fond of my memories in public school, but having met a number of homeschooled kids, I'm so very, very thankful I was not among them.

You hit it right on the head with the religious indoctrination. Most of these kids aren't taught by parents who, let's face it, are even LESS qualified than normal, public teachers. And they're not taught at home because public schools teach to the test, don't give all the resources and attention to students in trouble, or because of the lack of proper coverage

I'm hardly hand-waving. Read the rest of my post (the part you didn't care to quote).

It can be done well and with those people I have no complaint, but, in my experience,

As a college educated individual in a STEM discipline, I'd feel perfectly confident with homeschooling in science or math courses. Have me try to teach a history class and the results would be comical at best. The idea that John Q. Public, with nothing more than a textbook for the class, can be as effective at education as someone with Masters (required in my state, YMMV) is indicative of the dismissive attitude we tend to

As a college educated individual in a STEM discipline, I'd feel perfectly confident with homeschooling in science or math courses. Have me try to teach a history class and the results would be comical at best.

So, because you find it too difficult to do the work to put together a competent lesson plan in History, nobody else can?

he idea that John Q. Public, with nothing more than a textbook for the class,...

In what world is "John Q. Public" limited to only "a textbook for the class"? There are tons of sources for course material, lesson plans, etc etc in nearly every conceivable subject and at nearly every level, many if not most done by those with Masters and PhD's.

Some notable stats: among homeschooling fathers, ~32% have "Some College/No Degree" or less. Mothers do slightly worse with ~33% having the same education level. If we include through BA/BS (which is unlikely to be in something relevant to teaching) the numbers are even more stark. At a time when we are demanding more of our teachers, are we also going to say that a few classes at the community college is sufficient to teach high school calculus?

Source [ed.gov]

Never mind the stats you quote are from the Federal Dept. of Education, and with the government's track-record of "massaging" d

Fuck it, it's a free country and we can choose to believe what we want, right or wrong.

Hello, that's precisely the point! Thank you!

The government wants to take away the freedom (that "free country" bit) to choose to not send your kids to a public school, to believe that yourself or someone of your own choosing can do a better job than the local public school with gangs and drugs and mediocre teachers.

The politicians get campaign contributions and other re-election assistance in exchange for highly union-friendly teacher's union contracts the public at large who pays for it would never agree

Teachers & Professors could easily be replaced by Youtube... Online discussion forums could replace classrooms -- We have the technology. Sadly, the bottom line is: People that want to learn will. People that don't won't... (...shouldn't have to?) It's kind of strange to me -- Do kids in other countries make fun of you for making good grades? I mean, making bad grades and being feared as a "hardcore thug", having a "fat roll" of money and many "bitches and hoes" for sexual parters was actually pre

It can be done well and with those people I have no complaint, but, in my experience, those parents are less concerned with quality education that with isolating children from "corrupting influences" or more thoroughly impressing religious doctrine in the guise of education.

Honestly? With the focus on rote memorization and teaching to the test so prevalent in public schools, just about anything is better.

I'm not sure this is a case of unrelated crap being tacked onto a bill (not that this doesn't happen all too often). This is a bill that deals with information sharing between law enforcement and private businesses. It's scope may prove to be much wider that what its authors claim. But its more a matter of unintended consequences of the legislation rather than some extra language being slipped in.

It happened because the public is too involved making sure their party gets elected, right or wrong, to give a fuck about what their party is actually doing. This kind of thinking has all the trappings of a high school football game. The sooner that people abandon their party the sooner we get back to being where we need to be. The current division in American trust is split along party lines and even when both "sides" agree they refuse to come to terms because they see it as taking on the banner of the enemy.

People planet wide will suffer for what has happened for decades to come.

Seriously? What is wrong with you guys? How in the fuck did you even come up with a system where non related shit can be tacked on to a bill? Is it bullshit that got added on later or were your vaunted founding fathers slightly retarded?

We don't care that our government has been stripping away our rights and privacy for years because we are too concerned with stupid shit that happened on tv last night. I could go on but you all know the story.

Actually the founding fathers had it right because they had to fight for their liberty. Now we only fight when the president declares war without approval from Congress. Fucking bush should have been impeached for that shit. All Clinton did was get a blow job and put his cigar where it didn't belong. Bush got several thousand people killed and they still hate us in the middle east.

(in case you missed it, the last UK Government under Gordon Brown sold the 310 tons of gold in reserve to the Chinese at the 1925 Bullion Standard, which is £3s20d10.5/oz (or when he did it, a hair under £4). Nobody seems to know where that money has gone. I wonder if either the US preceded with a similar act or followed soon after?).

With corporate backers of CISPA including Facebook, there is room for tech giants to secure some quick PR gains in the tech community with this. I think many people found the Windows 8 developer/consumer preview underwhelming, if not annoying. Seriously, Windows without a Start menu? I'm starting to believe the Mayans about what's supposed to happen in December. What was more alarming about this Windows 8 business, is how closed Microsoft was to popular opinion. The Windows 7 RC generated massive contributions. (It actually did... I am not just citing the "Windows 7 wsa my idea" ad campaign.) It seems that Windows 8 was entirely Microsoft's idea. If they want to be numb to the complaints of their own fanbase and turn Windows 8 into the bastard child of a currently non-existent Windows tablet and a Windows 7 PC, that is cool... I run Linux anyway. I was only responding to the developer preview to help them out. I do not think political PR stunts like this can change the fact that Microsoft is turning into a corporation more and more out of touch with their own customer base. Seriously, try to explain to corporate America why a clusterfuck start screen of different apps helps productivity. Windows 8 may be the greatest giveaway to RHEL ever, and not even appealing to populist disgust with CISPA is going to change that.

I'm starting to believe the Mayans about what's supposed to happen in December.

Completely offtopic, but you actually wouldn't believe the Mayans, because no single Mayan ever claimed that the world would come to an end, if a Long Period ends. This is just made up by some guys in other countries wanting to make a quick buck by selling "old myths of the navite people" books which predict dire doom to everyone.If anything, the Mayan Calendar Doom is just intellectual colonialism - stealing some cultural artefacts and reselling them out of context to others.

On the other hand, Microsoft plans to sell their Cloud Services to Europeans too, and if they want to do that they have to make sure that their services follow European Law, and that means that they can't at the same time follow CISPA

They could just operate one data center in the USA and one in Europe, and serve both markets with the same software. In the early 90s, Microsoft was worried about Europeans not buying their products because the NSA was pushing for back doors; this time around, Microsoft only needs to separate their customers by region. They might not even need two data centers; just one, with a region column in each table that dictates which laws and privacy rights need to be respected.

No. CISPA requires (in its current reincarnation), that a U.S. company allows access to all its servers on a request based on CISPA, may they be domestic or overseas.As such, CISPA collides with european requirements.

No, I like Windows 7 and still have an unwrapped copy of XP in case the world ends. Perhaps I should have said I use Linux and Windows. And yes, I think you will find that many people here believe that Windows 8 "basically sucks".

>No, I like Windows 7 and still have an unwrapped copy of XP in case the world ends.

I don't see how the wrapping will help... there aren't many world-end scenarios where anybody will be enforcing copyright licenses anymore... well unless you take yours from the more extreme corporate-rule cyberpunk stories of the 80's - but those don't exactly count as "world ended" in my book, they are just "world radically changed for the worse".Either way they didn't happen and probably won't. They were based on a pre

They can capitalize on this, if they try; they haven't tried yet. What they've said now isn't a reversal at all, just a clarification at best. They probably already think CESSPOOL^WCISPA "helps to tackle the real threat of cybercrime while protecting consumer privacy", or can be massaged a bit to do so--especially if it helps make them look tough on "piracy" of their software.

How does MS cap on this, to regain whatever goodwill they bled from their customers and not look like they'll happily whore themsel

the real sign that Mayans where is the cubs wining but that does not look like it will happen this year.

But windows 8 is fast becoming windows ME 2. ME sucked so bad that people wanted 98se over it.

I do hope that some of the new under the hood stuff get's back ported or shows up in a Unofficial Service Pack like how the Unofficial Windows 98 SE Service Pack adds some of new stuff that was in windows ME.

They will keep putting forward bill after bill, chipping away privacy rights a little at a time if necessary. Any setback is merely temporary for them. Time (and money) is on their side.

What someone should be doing is introducing legislation that enumerates, codifies, and protects specific rights and expectations of privacy that citizens have, and then work the anti-terrorist/copying/IP laws around that framework. (I know, we shouldn't need to do this, but it's our system apparently.) This is bass-ackwards.

What someone should be doing is introducing legislation that enumerates, codifies, and protects specific rights and expectations of privacy that citizens have

You would have to amend the constitution for that. Here is how I would word such an amendment:

The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.

Of course, there is no way anyone would dare to include such language in our constitution, at a time when we are surrounded by enemies who are hell-bent on destroying our nation. We could be attacked at any time; how can we even think of codifying such a right in our constitution?

The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.

For those of you who didn't get the reference, that is the 4th Amendment of the US Constitution, proposed in 1789, and enacted in 1791.

If it's this simple to 'get around' laws preventing the transfer of certain types information from business to government (by sending it through a third-party), or route internet traffic through Canada so the FBI can process everything (where they can't do it in

To be sure, Microsoft's initial reaction to CISPA came before many of the privacy concerns had been raised. An anti-CISPA coalition letter (PDF) wasn't sent out until April 16, and a petition that garnered nearly 800,000 signatures wasn't set up until April 5.

So in other words MS was perfectly willing to allow the US government access to all it's customers data and machines without a warrant or any kind of reasonable probable cause as long as it was on the down low. But when it is publicized, they decide it is not such a s good idea. This situation leads credence that MS might already supply customer data on demand to the US government [judiciaryreport.com], so this is really SNAFU.

This bill supercedes the US constitution. Its a blank cheque to the content industries. For Americans wanting anything left of their civil liberties, they should fight this. Americans send missiles, guns, ships, and bombs to other countries to protect their interests. Why is no one sending these materials to the content industries that have effectively enslaved them? The content industries can commit capital crimes (murder, slavery, torture, anything they like) because of this bill. They crossed the line. Its a disgrace to all those who fought in any war in the US. The gutless legislators who supported this sold the farm. They don't deserve citizenship. The US can no longer be called a democracy, because it isn't.

The first amendment is not interpreted literally. Otherwise, we wouldn't have laws on slander, libel, or any speech whatsoever. Why should the rest of it be interpreted literally?

Why? Well, since you asked: It's due to the one party system. You see, the Federalist party supported the spirit of the law, while the Democratic-Republican part (yes singular, "party") wanted the laws interpreted quite literally. Since the only major opposition to the Democratic-Republican party is gone, only the the literal interpretation party remains, and it happens to have a virtual monopoly on votes, so there's no way to vote them out. (They removed the hyphen so it wouldn't seem like a 1 party s

Microsoft pro privacy? Last I looked their mainstay platform was vulnerable to keyloggers, backdoors (some installed during development at the behest of the US GOVERNMENT), over a quarter million malware strains... with those kind of numbers I don't think it was sloppy coding that did it, I think it was done deliberately. If they were concerned about security and privacy we wouldn't have an anti-malware industry that sucks in more money than the SOHO industry because it'll've been done right at RTM and ther

The #1 issue in the United States of America is that there is a government and congress in Washington that continues to pass laws and carry out acts that violate the civil liberties and constitutionally protected rights of ordinary Americans, rights that George Washington and 100s of Americans fought to preserve.

"CISPA, the hotly-contested cybersecurity bill making its way through Congress, has been supported by Microsoft since it was introduced..."

Ok, I will admit that I am a Windows user and I don't find Microsoft the worst company on the planet though something seems weird with this. Just because they have stopped supporting it now citing "privacy", we are meant to applaud them? They initially supported it so while it might seem like a good move now, the didn't have this problem a week ago.

A list of every congress person and senator who votes for this bill should be compiled and put onto a Black List. Then informed voters can let them know that they will be voted out of office next elections for actions against the People of the United States

Please - the only reason Microsoft is backing away from it now is because they were caught supporting it. Look for them to happily support the next anti-consumer bill to come down the pike if the bill benefits them... and just like this time, and SOPA before it, they'll quietly hope that this time, nobody notices.

Please - the only reason Microsoft is backing away from it now is because they were caught supporting it.

They haven't backed away from it. It's only one of their reputation managers in MSM adding some positive spin.

To quote a Reddit poster:

Ugh, this is the same pattern as SOPA. Microsoft supported SOPA (which is the house version of the PROTECT IP act, which they still support) for a month until it started to get bad press. Then they changed their position to "it needs more work". They never said they opposed it.

The person who interpreted that as "opposition" was... Declan McCullagh of CNet! The very same guy who is now trying to give the impression that Microsoft no longer supports CISPA.

1) Microsoft happily supported it because at the time no one outside of Congress and a few tech giants knew what it actually was. Once its evils were divulged and the tech world at large began ringing the alarms, Microsoft scuttled back. I doubt you'll find those PR release in support of CISPA now, at least not without resorting to archive.org

2) Google actually took no position on CISPA. Their quote [cnet.com] is as follows:

"We think this is an important issue and we're watching the process closely but we haven't taken a formal position on any specific legislation."

(The author of the CNET article posted that above-linked quote. Read the story for context).

In other words, Google is sitting back and not taking any position. Nice attempt to shill on your part, though.

They also have a substantial and growing online services division, and they are still in a precarious position when it comes to antitrust laws. Microsoft does not want to endanger its relationship with the government -- a relationship that basically resulted in the punishment for their previous antitrust case being completely ignored. They also sell technology to law enforcement agencies that helps in the gathering of computer evidence.

A business built on privacy violations? No, nobody can accuse Microsoft of that, at least not without some real evidence to back it up. A friendly and valuable relationship with the government, that has allowed them to continue to dominate various markets? Absolutely, and that is why they supported CISPA -- it basically gave them a free pass to cultivate that relationship.

I can't believe this comment hasn't been judged as either flame-bait or trolling. Even if Microsoft wasn't interested early on in collecting data, since they began focusing on the Web, they've made every effort to facilitate the efforts of their customers (not end users) to do so.

Aside from this, what is Bing! if not another attempt to pigeonhole every end user by their habits, preferences and communications.